CONTACT ME AT SKYPE : zkby2013 to get this complete setup

Chapter 1 : Downloading xDDoSeR1. We'll start off by going to the download page, which is found here2. When you're done, you should put all your xDDoSeR files into one folder like so :

3. Once completed and downloaded, proceed to the next step!

Chapter 2 : No-IP Setup1. Head to : No-IP.com and make a new account. If you already have one, great!2. Login with your newly created account and click on "Add a Host"

3. After that, you will be prompted with a screen that asks you for your hostname, domain, and all of that. Fill out only the hostname and the domain. Since xDDoSeR requires a 3 letter hostname and a domain as "no-ip.info", we will need to create a host with that layout. This is what mine looks like : 4. Now download the DUC client and install it. Login with your credentials and select the host you have created.

Chapter 3 : Port forward1. Click your Start button and open up Command Prompt (cmd.exe).2. Type in "ipconfig" and find your Default Gateway3. Since my default gateway is 192.168.2.1, I will enter that in my URL bar.4. You will need to forward ports : 81 and 19945. Depending on your router, you will have to look up a port forwarding tutorial.(IF YOU NEED HELP PORTFOWARDING I WILL BE HAPPY TO GO ON TEAMVIEWER)

Chapter 4 : Exploring xDDoSeR1. When you open xDDoSeR, you will see this screen :

2. Enter in your desired username (mine will be Dark_Noodles) and click Add.3. You will now see this very nice GUI : 4. As you noticed, there are 4 columns (Locations, Connections, Ping, and Status). Those columns list information on your bot.5. If you right click on xDDoSeR, you will notice there are more commands such as : Download Execute, Uninstall, Info, and Passwords.6. There are other options where you can change the GUI options, but those are not necessary.7. After that, everything seems to be cleared out. Let's move on the the next step.

Chapter 5. Building your bot1. If you noticed, there are 2 files that came with xDDoSeR.zip. xDDoSeR.exe and Bot Builder.exe2. For this step, we will need Bot Builder, which will be building our bot.3. Open it up and fill out your information. Mine looks like this : 4. Now click Build! If you encounter an error, please comment so I can help you fix it.

Chapter 6. Testing + Installs1. Once your bot has been built, click on it and you should see yourself appear on the connection list. To uninstall, simply rightclick on a client and click "Uninstall".

2. To DDoS, put in the IP and the port and hit "DDoS". To stop, click "Stop"3. If you wish to get installs, I suggest going to YouTube and start spreading on there.

Wednesday, 4 June 2014

This thread is purely for educational reasons. If you follow ANY of these steps and get arrested I am not responsible. This tutorial is designed from a theoretical prospective.

The world of botnets and blackhats is seriously messed up. Leave your morals at home.

Budget:What's your budget? To get a botnet started you'll need a minimal of 1.5k. This will include hosting,bot,FUD/Crypter. If you have good knowledge of c++ and how antivirus works you can most probably avoid purchasing a Crypter and create your own. This is the best option as only you have the Crypter+ stub (stub is the file you send to a potential vic).

Which bot?This part is entirely your choice. I highly recommend you avoid free bots as the builder (the part that inputs your domain ect into the stub) is most likely back doored. If you want a good public bot I'd recommend BetaBot from hackforums.net just create a account and search it. BetaBot is probably the only good thing that has and ever will come out of hackforums. HTTP bots are the only bots you should ever look at investing in. Irc uses more resources,less secure and easier to hijack. All a researcher has to do is to RE your stub and then they have your irc channel.

Hosting.Hosting is by far the most important part of building a successful and profitable botnet. The location of the servers is incredibly important. You'll need to avoid "the 5 eyes". America,UK,Canada,Australia and New Zealand. I prefer to host in a country that doesn't have strong relations to "the 5 eyes". I'd suggest china,Ukraine,Russia or Kenya. A good vps/dedi provider is http://www.dataclub.biz they're relatively cheap and you can choose where you'd like to host it. You don't really need bulletproof hosting (purchasable from ecatel.co.uk or cyberbunker.com) until you get around 25k-30k total bots.

Domain:A good botnet domain looks like random letters. I.e "djsoxneskfnsjxne". A good tip is to just bash your keyboard and see if its available lol. Honestly, the more random your domain looks the better. Namecheap.com is a good domain registrar. Another method is to create a legitimate looking domain I.e bitcointalk .com set the front page up as a legitimate forum and have the back end as your panel ect. This method will throw of 60% of researchers who for one reason or another found your domain.

Fast fluxThis is recommended if you start to exceed 25k bots total. If you don't know what fast flux is Wikipedia provides a accurate and in depth explanation.http://en.m.wikipedia.org/wiki/Fast_flux this will make it significantly harder for anyone to find and shut down your botnet. You can enable this feature (at additional cost) using namecheap.com via the DNS settings. It costs $100-200 but its well worth the cost.

Crypter/FUDIf you understand c++ and how AV works then well done, you've saved yourself $200 a year. If not, purchase from crypters.net. Because its cheap you'll be sharing the crypting method with a lot of other people. You can increase the time from creation-detection by avoiding sample sharing AV scanners such as virustotal. A private Crypter with a method only you use will most likely cost you 500-600 a month. This is obviously not practical for beginners.

Exploit kit:Exploit kits are probably the only thing it's ok to use for free. Black hole exploit kit has been leaked. The leak is rumoured to be domain locked but a bit of reverse engineering should fix that. The payloads will no longer be FUD so you'll have to re-FUD them. JavaScript obfuscation and java payload obfuscation isn't to hard. Once you've made your exploit kit FUD now you'll need to direct traffic to your payload link. Exploit kits have a payload link which loads the exploits and a panel link which is how you view execution rates and traffic received.Now, you'll need to get traffic on your payload link. This can be done via spam,website hacking,social media hacking or ad networks. Ad networks are a good starting point as you can load JS redirection scripts for .50 cents for 1k hits. This is very cost/time effective. You should expect about 10-15% execution rate using public exploits but 0-days in java,flash and Internet Explorer can bring anyway from 50% all the way up to 100%. Bare in mind 100% is incredibly rare and will most likely exploit syswide vulnerability in windows. These type of exploit kits also cost about 2k-10k a day.

Money Making:I'll now explain several methods on how to make money. Lets all face the facts. Unless you're a Xbox booting skid the only reason you're going to create a botnet is to make money. If you do it correctly and make contacts with well connected people you can expect 25-50k a month. Don't expect any of these methods to be easy or for them to be " click and forget". You'll need to input hours of work into creating scripts ect for you to see any sort of decent return.

Crypto-coin mining. After the bitcoin boom mining bitcoins has become a lot harder. Crypto coins such as lite coins are becoming a lot more profitable. You'll most likely need to bind OpenCL with your miner as some laptops ect don't have OpenCL installed. I'd recommend mining using GPU instead of CPU. A proxy is a must, if you don't use a proxy your pool account will get banned due to high traffic. With 10k bots mining 24/7 you can probably expect 2-3k USD a month. I personally used to target gamers as they have better hardware stats increasing my average # rate.

Ad-click fraud.What I personally do here is create a blog about finances or insurance (higher ad rates and legit traffic) then get accepted for Adsense. If you have 1k bots I get them all to load a article then get 6 to click ads. You need to rotate which 6 click ads so google doesn't get suspicious. Changing the number of clicks is also a good idea to avoid pattern detection. I personally do this once every 48-72 hours so its less suspicious (make sure you still get views) Another good source for ad clicks is Coinurl.com. This company pays via bitcoin so it's perfect for ad fraud. A good tip is to disable ad filters to show adult content as these pay more. You can most likely expect to see about 1-2k a month dependent on how many bots you have.

Referral program's:This is incredibly easy and highly profitable. The network I used to be partnered with paid 1 USD for every download. 99.9% of bots have download and execute features so this is a definitely a method you should look into.

YouTube views:If you have a YouTube channel simply get your bots to load the URL and wait for the ad to end. Payment is higher if adverts last the entire duration instead of 5 seconds so this is recommended. To avoid detection sprinkle maybe 100 - 200 5 second skips into the mix for every 1k views. You could create and execute a .bat script on your bots to change their IP address if they're on a dynamic line. This avoids IP tabling and makes the view appear "fresh". This will bring anywhere from 100-300 USD a month.

DDoS service:I personally used to charge 40USD a month for 4GBps then $2 extra for every 1GBps addition. This is why I don't use banking Trojans. They don't have DDoS functions which is a rather large potential profit loss. I'd expect to see about 500-600USD a month from this. If you don't want to use your bots for DDoS purchase a dedicated server with a good port speed (10GBps). The server must allow spoofing and then use DNS ampflication.

Now for more malicious payment methods. Remember, this blog is purely theoretical. This is not instructions,I'm just simply raising awareness. If you don't want to steal people's money I suggest you stop reading. The next few methods are highly illegal and will almost definitely draw attention from the FBI,secret service ect.

Bank fraud:It's pretty obvious what happens here. A vic visits a website for example, PayPal.com. They enter their login details and because your bot has a FormGrabber you receive these details. You then just simply login and send the money to your PayPal account. Advanced bots like Zues used a feature called web inject. All web inject did was check the balance stated in the account and then "spoof" the account balance to say that even after the funds are gone.

DDoS extortion:By far the easiest method ever. I could most likely teach a three year old how to do it. You simply launch a DDoS attack on a website then tell them to give you money to stop. For example, the week before the Super Bowl take down X ( X being a betting website) for Y amount of time (usually 2-3 hours will do it). You want to be hitting the website with high amounts of traffic probably around 20-30GBps. You then ring or email the company and tell them they have to pay for you to stop the attack. 1-2k is a good fee for your "protection". Any company with a brain larger than a grain of sand will see that they most likely make 1-2k in a hour and will pay up.

Targeted Po*nography:This method involves infecting the personal computer of a business man,politician or public figure and catching them doing something embarrassing. The best results are to be had if the target is "self pleasuring". You simply take a picture via their webcam then send it to them via email with a ransom amount. If they don't pay (90% of the time they do) you sell the pictures to the media. Either way you earn money. Remember, you have the potential to ruin someone's career. They will pay almost anything within reason. You can expect around 10-15k from each hit.

Spam:You'll either need a lot of smtp servers or access to email accounts. You simply send emails to a list of email addresses. The newer the better. Anonymous is your new best friend, lol. 1 million emails will earn you $150 link+malware free and 1.5k if they contain a link to a exploit kit or attachment. The people who buy spam outputs are on private boards so this isn't a easily accessible method.if you want rat or botnet setup add me at skype : zkby2013

Thursday, 29 May 2014

Q ? Whats RAT? A ? A RAT is also a shortcut called Remote Administrator Tool. It is mostly used for malicious purposes, such as controlling PC?s, stealing victims data, deleting or editing some files. You can only infect someone by sending him file called Server and they need to click it.

Q ? Download? A ? Well you can find any type of RAT here, on CHF.Also, you can buy FUD private version of RAT: Albertino RAT, Medusa Rat, jRAT etc. Also you will need DNS host for your RAT.

Q ? How do I control server? A - Once installed, RAT server can be controlled via RAT client. From IP list box you choose PC and connect.

Q ? What do I need to setup RAT? A - Well, you will need Windows OS, open port & RAT. To forward your port scroll for tutorial link or click this URL.

Q ? How do I port forward? A ? Port forwarding is easy and important for RAT. Well, you need open port because RAT connects through open port and bypass firewall. Open your web browser and write your IP and connect to your rooter(write Username: Admin & Password: Admin), open port forward page and write port you want and your IP. Well that?s all you need to do and now you got open port

Q ? How do I make my server FUD? A - If you want to make your server FUD again, you will need crypter(you can find free FUD one here.). Also, you can hex edit your server, but be careful some servers can crash after hex editing, any way check out this cool tutorial How to make FUD with hex editing.

Q ? How do I remove server if I infect myself? A - When you infect yourself, first what you going to do is to connect to your PC. Some RATs have function to uninstall servers, well you click that and you uninstall it. Well there is another way, download MalwareBytes? Anti-Malware and scan whole computer for Trojan.

Q ? Legal or illegal? A - Well some RATs are legal, and some are not. Legal are the one without backdoor left, and they have abillity to close connection anytime. Illegal are used for hacking and they can steal data(Credit Cards, Passwords, private data etc.).

Legal:

TeamViewer ? Access any remote computer via Internet just like sitting in front of it ? even through firewalls.UltraVNC ? Remote support software for on demand remote computer support. VNC.Specializing in Remote Computer Support, goto my pc, goto assist, Remote MaintenanceAmmyy Admin ? Ammyy Admin is a highly reliable and very friendly tool for remote computer access. You can provide remote assistance, remote administration or remoteMikogo ? Mikogo is an Online Meeting, Web Conferencing & Remote Support tool where you can share your screen with 10 participants in real-time over the Web.

Illegal:

Spy-Net Cerberus RAT CyberGate RAT SubSeven Turkojan ProRAT

Q ? Where and how do I spread? A ? There are few different ways to spread your server. You can spread on warez websites, P2P file sharing websites(uTorrent, Pirate bay etc.), YouTube etc. Well some people use custom made Auto-Spreaders programs to spread their server. But best and most effective way to spread is when you FUD your server.

Q ? Whats DNS host? A - The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.

Q ? What?s reverse Connection? A - A reverse connection is usually used to bypass firewall restrictions on open ports. The most common way a reverse connection is used is to bypass firewall and Router security restrictions.

Q ? Whats direct connection? A - A direct-connect RAT is a simple setup where the client connects to a single or multiple servers directly. Stable servers are multi-threaded, allowing for multiple clients to be connected, along with increased reliability.

Q ? Can I get traced when I rat somebody? A ? Yes and no. Depends on victim, it is really hard to remove infection or even trace a hacker. There are tools like WireShark, but it?s really hard to trace, because PC usually got over 300 connections. So don?t worry.

Here is one of the easiest way to spread your rats,bots,stealers etc.with javadriveby.

All you need for this javadriveby will be a Free webhosting or some of paid hosting..You already know, most kids are looking for porn sites on the internet, so i have build this simple JDB website and spread it with one way....

It is a simple embeded video player with 2 slideshow pics, tested and working on any browser..

Botnets, in a nutshell, are a bunch of infected computers connecting to one source... That source can be anything almost. A dedicated server, a home network, a client-type program, email, IRC... etc. There are several ways each can do their own thing. Client-type programs are generally things like "hostbooters" and RATs, but are not limited to just these. Dedicated servers usually either have PHP control panels to the bot or are set up via IRC for control. On home networks, they are generally IRCs set up (like a dumbass) on the persons computer or personal server in which he has them connect directly to him, but also these are exactly how client-types connect (but they use DNS routing to make them next to untraceable). I will explain the pros and cons of each type.

Client-type programs are generally less stable (note I say generally) than IRCs and HTTP botnets (HTTP referring to bots with PHP/HTML control panels). They usually are useful for nothing more than dicking around with DDoSing (on a low level) and having shits and giggles playing with peoples computers on a RAT (like watching them through their webcam while you turn the monitor on and off and open and close the disc tray). DDoSing on large levels like this are a fail usually as it takes so much time for all of your bots to connect to the booter when you first start it up, not to mention even through DNS routing, having this many connections at once hinders your speed to send out commands. For those big black hatters, trying to steal personal info from this is screaming to be locked up.

HTTP-type botnets connect to a command and control server somewhere. Usually, especially for botnets based out of the US, on an offshore dedicated server. The server doesnt have to be dedicated, but its annoying if you get hosted along side with somebody who whores all of your bandwidth and can not effectively utilize your network, not to mention security reasons if you have a larger net or an EXTREMELY illegal network like Zeus or SpyEye. These are the best for anything. Logging, fraud, DDoSing on low and high levels, stability (if the coder is worth two shits) and general commands (like Update and Download and execute sort of stuff) tend to be more effective and more useful. These take a little more knowledge to set up, but once you learn it is a lot quicker than IRCs from what I understand. You have to know a little C++ or C# (depending on your bot, maybe even VB.net) to be able to compile, you'll need some HTML/PHP knowledge to be able to configure your control panel, and you will probably need to know your way around MySQL for hosting files. If you want a one bad botnet, code the whole thing from scratch, bot and control panel. That way if it doesn't work, the only one you have to blame is yourself. It will also save you paying an arm and a leg for a half way decent bot on the black market.

IRC-type botnets I have no experience with what so ever. If somebody will kindly give me something to update the post here with, I will be more than glad too.

Other "botnets" can include dedicated programs like loggers. They can steal your passwords, bank info, cached info, record your keystrokes, and so much more. These tend to be the most dangerous, effective and highly sought after. I use these more than anything.

Best way to go: Learn to Program and Make Your Own. I am just now learning some C++, planning to learn some PHP, then I am starting on a network. This way you can add any feature you want to it. You can completely control the security for it. You will know everything the network is doing and how it is doing it, so if a problem arises, you will know how to fix it

For any kind of crypting services please add me we provide complete FUD service and its get UD we will refund you the money 100% working
The file should not be uploaded on the that distributes the file like mediafire other wise will be detected and it will be UD

DarkComet RAT is a free and popular Remote Administration Tool. This software is anefficient type of software, especially created to remote control any Microsoft Windows machine. It is famous for being one of if not the most stable and most complete RAT's available. Just like VNC and other similar types of software, DarkComet gives you the ability to connect to and control your systems, wherever you are. You can keep a close eye on your computers to supervise the online activity of your employees or children. Furthermore DatkComer RAT can be used to monitor your system, remotely assist your clients or family members to recover lost data or repair a computer.

The main functions of DarkComet RAT are System Monitor (Process, Registry, Startup, DNS Manager, etc.), File manager (which is even more complete than an FTP-server), Surveillance (Micro-capture, Keylogger, Screen capture, Webcam capture, etc.), Network functions (Scan for localcomputers, monitor network activity, WIFI viewer, download files from web, etc.) and much more. Both the DarkComet RAT Controller and its Controlled module can be detected by some antivirus-programs but that constitutes a false positive due of the abilities of the program in the system. The package doesn't and will not ever contain any viruses or other types of malware. Its why DarkComet RAT got such a very good reputation.

Zeus, ZeuS, or Zbot is Trojan horse computer malware that runs on computers running under versions of the Microsoft Windows operating system. While it is capable of being used to carry out many malicious and criminal tasks, it is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. It is also used to install the CryptoLocker ransomware.[1] Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation,[2] it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek.[3]

We deal in all kind of botnets and rats setup add me to get any kind of help I am ready to help u there